CISA Refresher 5 Flashcards
List and explain the considerations that go into any sourcing decision.
A company’s preference to insource, outsource, or hybrid source will be based on several different factors: the benefits of insourcing versus those of outsourcing; the competitive advantage provided by each type of sourcing; the location where the work will be performed; the benefits of going offshore; and, the disadvantages of bringing work back from an offshore location. Although companies are seeking skilled labor at low wages when they move offshore, they should also consider factors such as the taxation practices, exchange rates, legal restrictions, and cultural differences of other countries. These can undermine any advantage gained by cheap labor. For instance, when a company chooses to outsource, it increases turnaround and cycle time. It also may alienate its American clientele.
management.
An operation is any procedure intended to create a predefined result. The goal of operations management is addressing user requests in a consistent and effective manner, and remedying the problems encountered during daily business operations. When evaluating operations management, IS auditors should ensure that operation managers and their staff are directly supporting the technical responses set forth by middle management. In turn, these technical responses should be supporting the strategic objectives created by executive management. Auditors must be able to differentiate between volume of work and effectiveness of work; even the busiest workers are of little help to the organization if their work is not supporting business objectives. Auditors should also ensure the organization is capable of sustaining its processes, which is only possible if three factors are
systems programmer.
Organizational charts normally include the following IT positions:
Explain insourcing, outsourcing, and hybrid sourcing.
Every company must address the sourcing issue, which involves determining a location and a method for performing key work functions, such as manufacturing, customer support, accounting, payroll, printing, human resources, record management, and software development. These work functions can be performed either on-site or off-site by means of insourcing, outsourcing, or hybrid sourcing. When a company chooses insourcing, its own personnel will perform the work function. If the company chooses outsourcing, it contracts a third-party vendor to perform the work function. Outsourcing often involves using cheaper labor at an offshore location, such as India, China, or Russia. Yet another method is hybrid sourcing, which combines characteristics of insourcing and outsourcing: companies maintain control over the work function while contracting any collateral work over to third-party vendors. This method is particularly useful when a company lacks the resources to take full advantage of an economic opportunity and must embark on a joint venture.
Explain the organizational chart. Then, explain the responsibilities of the following IT positions: IT director and IT operations manager.
An organizational chart is essential in defining roles and responsibilities. It lists each position and describes its corresponding job function within the organization. It also identifies the person in charge at every level, and explains the reporting relationships between positions. Auditors should ensure that an auditee’s organizational chart is both current and accurate. Inaccurate or out-of-date charts reveal internal control problems. Most organizational charts include the following IT positions:
Explain the responsibilities of the following IT positions: applications programmer, information security manager, and change control manager.
Organizational charts normally include the following IT positions:
Explain change control. Then, explain the auditor’s expectations for IT controls.
Change control includes processes for managing the implementation of change. It enables change to occur in an orderly and regulated manner, thereby minimizing confusion and resistance among organizational personnel. It also allows the organization to monitor and respond to any
Explain the first and second component groups of a computer.
A computer’s first component group includes three types of devices: CPU (Central Processing Unit), high-speed CPU memory cache, and RAM (Random Access Memory). The CPU is the central component in this group, and is supported by the other two. Using an arithmetic logic unit, it performs complex calculations far more quickly and accurately than any human can. The high-speed memory cache serves as a buffer between the CPU and RAM, and enables the CPU to operate at the highest possible speed and efficiency. RAM is solid-state memory, considerably slower than the other components but necessary to the CPU’s
positions: data entry staff and help desk.
Organizational charts normally include the following IT positions:
Explain compensating controls. Include a discussion of the importance of clearly defining and separating IT roles. Then, explain the following compensating controls: auditing, and job rotation.
By clearly defining and separating IT roles, the organization ensures that every person is answerable to someone else, and that no one is capable of arbitrarily carrying out an action or taking assets. Organizational charts help define and maintain separation between IT roles; however,
transaction logs, reconciliation, exception report, and supervisor review.
Compensating controls include the following activities:
masking.
Multiprocessor computers contain multiple CPUs. Through a technique known as pipelining, they alleviate the problems associated with time
describe mainframe computers.
Computers can be classified in four primary categories based on their size, processing power, and throughput, which indicates the amount of information they can process over a specific time interval. The categories are: mainframe computers, supercomputers, minicomputers, and microcomputers.
Explain supervisory state and problem state.
Supervisory state and problem state are the two basic modes under which most computers operate. The supervisory state is reserved for supervisory users, also known as administrators, superusers, or root users. It removes security controls and allows the highest level of access to programs and processing requests. Without this unrestricted level of access, the supervisory user would be unable to perform his primary job tasks, which include managing change, configuring and maintaining the system, and performing administrative functions. Every other user must operate under the problem state, which activates all security controls and denies access to high-level programs and processing requests. In
functional roles that computers are expected to fulfill in an IT environment
Any computer purchased commercially should perform the following tasks: interact with peripheral devices; run a common software program and operating system; store and retrieve data via a file system; manage communications and work allocation between the CPU and programs; regulate access to secure systems and information; and provide a shell,
Describe minicomputers, microcomputers, and supercomputers.
Minicomputers (or midrange computers) lack the processing power and throughput of a mainframe, but provide a cheaper alternative for organizations of limited size and financial means. Although midrange computers have security controls that are inferior to mainframes, they
following data storage media: magnetic tape.
Tape management systems and disk management systems help ensure that data is securely stored and controlled. They automate the process of tracking and labeling data files, enabling a user to quickly identify the contents, status, and location of every data storage device.
Explain the following data storage medium: magnetic hard disk. Include a discussion of RAID.
Magnetic hard disks are capable of storing anywhere between megabytes and terabytes of information, and are the most prevalent online storage media. A single disk may be permanently contained within a closed disk drive, or several disks may be grouped in a storage
Explain the following data storage media: magnetic soft disk, optical CD-ROM, optical CD-RW, and optical DVD
Magnetic soft disks are small, removable, and portable devices such as floppy disks and Zip drives, in which a reprogrammable disk is contained in a hard, plastic casing. Disks can hold between 1 megabyte and multiple gigabytes of data.
Explain Open Systems Interconnect Model (or OSI) and list each OSI layer. Then, explain the Transmission Control Protocol/Internet Protocol (TCP/IP).
Open Systems Interconnect Model, or OSI, is a network training model that separates data communication into multiple networking layers. Each layer of the network has its own special role, and supports the layer above it. Transmission Control Protocol/Internet Protocol, or TCP/IP, is a networking protocol. Like the OSI model, TCP/IP stratifies the network into multiple layers:
Explain the following data storage media: read-only memory and flash memory.
Read-only memory, or ROM, contains data that has been permanently programmed on semiconductor chips by fusing microscopic, integrated circuits. These chips cannot be transferred, nor can they be upgraded unless they are removed and replaced. ROM provides solid-state storage that is both nonvolatile and incapable of being altered or erased; consequently, it provides excellent security, but may prove very limiting if constant upgrades are necessary. The greatest benefit of ROM is extremely quick loading time.
Explain the security problems associated with RAID
Every computer has a set of physical input/output (I/O) ports, which enable communication with other computers and storage devices. Unfortunately, a person can use these ports to bypass security controls and gain an unrestricted level of access to the system; therefore, organizations must implement port controls. These include physical security controls, which safeguard physical access to the ports, and logical controls, which are software programs designed to protect data transfers. PCs are especially vulnerable because they have so many different ports: USB, RS-232, keyboard, expansion slots, disk channels, etc. Mainframes are vulnerable through their terminal, modem, and LAN ports. To ensure that the organization has implemented all necessary
Explain Layer 1 and Layer 2 of the OSI model.
Layer 1, or the physical layer, identifies the wiring and voltages necessary to establish, sustain, and break off an electrical connection between multiple computers or systems. Essentially, this layer is a description of functional specifications.
Explain Layer 3 of the OSI model.
Layer 3, or the network layer, includes protocols that direct a data transmission along a specific path and to a specific destination using an Internet Protocol (IP) address. Each system on the network has a unique IP address, and multiple systems can be grouped together to form larger IP subnetworks, or subnets. When sending information to a specific location, a computer first determines the IP address of that location. Then, the computer combines the IP address with its own MAC address.
Explain Layer 4 of the OSI model. Then, define unicast and multicast.
Layer 4, or the transport layer, includes protocols that encapsulate the data for transport along the network. TCP (Transmission Control Protocol) is one such protocol. It methodically breaks down the data transmission into manageable segments. Each segment contains a sequencing number, which enables the destination computer to reconstruct the message. TCP is known as a reliable transport method because it provides delivery confirmation to the computer that sent the data. Other transport protocols, such as UDP (User Datagram Protocol),
Explain Local Area Network, or LAN.
Local Area Networks, or LANs, are simply localized computer networks, usually covering a home, office, building, or other small geographical area. LANs allow multiple computers to exchange information and partake in certain services, such as email, file sharing, and printing. Data is transmitted through the network using one of the following methods:
Explain network routing, static routing, and dynamic routing.
Network routing is the method by which routers direct traffic to the correct locations along the network. There are two methods of routing: static and dynamic. In static routing, the network administrator manually enters a TO-FROM map containing every IP address into the routing table of each router. Although static routing is very secure, it is impractical for networks with complex or unpredictable traffic.
Explain Layers 5, 6, and 7 of the OSI model.
Layer 5, or the session layer, includes the protocols that initiate and manage communication sessions between systems on the network. Using these protocols (such as SQL net database and Network File System), the user’s system will set up, govern, and terminate data transmissions to other systems.
Explain Ethernet.
An Ethernet is a type of network usually configured with a bus or star topology. It is most often used when network traffic consists of voice or data transmissions and all network media are confined to one location.
collisions.
Because collisions are so common, Ethernets have two primary mechanisms designed to preserve data integrity: CSMA/CD and CSMA/CA. CSMA/CD enables network devices to detect collisions and
Explain star topology. Then, explain the relationship between routers and LANs.
A star topology connects every network node (computer workstations and other devices) to a central hub or switch. These hubs/switches
Explain network meshing.
Meshing increases redundancy by creating additional connections between critical backbone points on a network. Meshing is very common in star topologies; the IT department identifies all links across the network, and determines which alternate link should be used when the primary one is severed. This information is then entered into the router. Networks can be meshed using two primary methods:
topology.
Network topology describes the configuration of all network components, including its computers, cables, routers, hubs, switches, and other devices. Most networks will follow one of three standard topologies: bus, star, or ring. IS auditors should ensure that networks have the following controls:
Explain ring topology.
A ring topology links all network devices in a closed loop, creating high speed and high performance. Because there is no hub or switch linking the network nodes (computer workstations and other devices), they rely on each other for communication; consequently, in a simple ring topology, a single malfunctioning device can disrupt the entire network.
Explain cable plant. Then, explain unshielded twisted pair cable.
A cable plant is simply another name for a network cable installation. Although auditing does not require the ability to design a network, auditors should have a basic understanding of the three different cable types—UTP, coaxial, and fiber-optic—and their respective strengths and weaknesses.
Explain coaxial cable and fiber-optic cable.
Coaxial cable contains a mesh shielding that protects it from electrical interference. It is an older form of cable used in earlier bus topology Ethernets, and has largely been replaced by faster cables, such as UTP.
Explain the following network components: hubs, switches, and routers.
A hub links a group of network devices. It amplifies, sends, and retimes the electrical signals of each device across all access ports. In this way, data traffic is spread over the entire network. Hubs are included in layer 2 of the OSI model.
Explain Domain Name Service (DNS) and Dynamic Host Configuration Protocol (DHCP).
Domain Name Service, or DNS, enables a user to access a website even if he does not know its IP address. He simply types in a fully qualified
Explain the following network components: Wi-Fi transmitter, repeaters and bridges.
Wi-Fi transmitters are short-range, wireless communications devices. They link laptops, PDAs, and other handheld devices to the network.
Explain virtual LANs, or VLANs.
A virtual LAN, or VLAN, simulates a subnetwork for a group of computers. It is created using the following techniques:
List and explain the steps of Dynamic Host Configuration Protocol (DHCP).
The Dynamic Host Configuration Protocol, or DHCP, involves the following steps:
Explain Wide Area Network, or WAN.
A Wide Area Network, or WAN, is simply a computer network capable of covering a much wider geographical region than a LAN. Organizations implement WAN equipment and protocols at OSI layers 1, 2, and 3 (physical, data link, and network), and may rent communication lines from the telecommunications industry, creating networks that span multiple states. Public Switched Telephone Networks (PSTN) and Integrated Services Digital Network (ISDN) can provide dialup services for WANs, which can also utilize message switching, circuit switching, and packet switching. WANs communicate using three possible methods: simplex, meaning one direction; half-duplex, meaning one direction at a time; and, full duplex, meaning both directions simultaneously using separate circuits. WANs use both switched and dedicated circuits, and follow the same communication protocols that LANs follow.
and DSL.
Users can access a network using the following wired connections:
Explain the following wired network devices: X.25 and frame-relay.
Users can access a network using the following wired connections:
multiplexor.
A LAN can acquire access to a WAN using the following dialup devices:
and ISDN.
Users can access a network using the following wired connections:
radio and satellite radio.
Users can access a network using the following wireless connections:
Explain the following wireless network devices: microwaves and lasers.
Users can access a network using the following wireless connections:
Explain radio frequency identification (RFID) tags.
A radio frequency identification (RFID) tag is a short-range wireless communication device that consists of silicon chips and antennas. It enables automated tracking of products and inventory. IS auditors should be aware of the basic kinds of RFID tags. Passive tags, for instance, are detected by scanners at a certain distance, and are frequently used to track inventory. Some passive tags are small enough to be constructed into products or implanted into living hosts. Despite the privacy issues raised by such devices, hospitals have considered using them to track newborn children and elderly patients. Other, non-passive RFID devices may have the ability to broadcast signals. These tags receive queries from a broadcast source and then transmit a response using an embedded transponder. Non-passive RFID devices
Explain simple network management protocol, or SNMP.
Using a simple network management protocol (SNMP), a network administrator monitors and checks the status of routers, servers,
network (PAN).
Metropolitan area networks (MANs) link computers located in different buildings within the same city. They are larger than a LAN and smaller than a WAN.
Explain syslog and automated cable tester.
The syslog and automated cable tester are tools of network management, and assist the network administrator as he monitors